Oracle Security Alert for CVE-2016-0636 - Beta Oracle CVRFOracle Security AlertCVE-2016-0636Final1.01.02016-03-23T13:00:00-07:00Initial Distribution2016-03-23T13:00:00-07:002016-03-23T13:00:00-07:00This document contains descriptions of Oracle product security vulnerabilities which have had fixes released for all supported versions and platforms for the associated product. Additional information regarding these vulnerabilities including fix distribution information can be found at the Oracle sites referenced in this document.This document is published at: http://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/2949499.xmlhttp://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.htmlURL to html version of AdvisoryJava Version 8u73Java Version 8u74Java Version Java SE: 7u97CVE-2016-0636Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u97, 8u73 and 8u74. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS Base Score 9.3 (Confidentiality, Integrity and Availability impacts). CVSS V2 Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C). Oracle Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).Fix has been releasedCVE-2016-0636P-856V-Java SE: 7u97P-856V-8u73P-856V-8u749.3AV:N/AC:M/Au:N/C:C/I:C/A:CCVE-2016-0636Oracle customers with valid support contractshttp://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.htmlP-856V-Java SE: 7u97P-856V-8u73P-856V-8u74